` The regulatory landscape (Why)
` Methodologies & generally accepted industry et odo og es & ge e a y accepted dust y standard practices (How)
` Quality Systems (Why, What, Who, How)
` Rationalizing the Application Portfolio (What)
` Retaining records (When)
Typically something bad happened Typically something bad happened
x We’ve harmed others (physically / financially)
x We’ve may have harmed ourselves or society in general x We have harmed the environment
` It’s important to know the law
Who isn’t regulated?
3
` RUP: Rational Unified Process
` ITIL: Information Technology Infrastructure Library
` GAMP: Good Automated Manufacturing Practices
Practices
` CMMI: Capability Maturity Model Integrated
The nice thing about standards is there are so many to choose from - unknown
Make regulations and “the process” your own Make regulations and the process your own
◦ Your interpretation of the law
◦ The spirit of the law versus the letterof the law
◦ Appropriate methodologies and generally accepted industry standard practices
` AVOID The Sky is Falling syndrome
Great in theory, but doesn’t work in practice – French Proverb
In general a Quality Management System comprises 3 core elements:
In general, a Quality Management System comprises 3 core elements:
1. People
2. Processes
3. Technology
Specifically, an Information Systems QMS is:
` Aset of policies, standards and procedures
` Delivering the ability to specify, control, and measure core processes
` Resulting in improved business performance” -- Amgen
F d li t ti b d
Focus on good, compliant practices, based on proven methodologies across the system’s life-cycle
1) If it isn’t documented, it doesn’t exist 2) ) Trust but verify
` Apply:
◦ Generally accepted good industry standard
i h i lif l (RUP
practices across the entire system life-cycle (RUP, ITIL, GAMP, ...)
◦ Risk management
` Adhere to requirements
◦ Regulatory (GxP)
◦ Policy, & Procedure
◦ TrainingTraining
◦ Quality oversight
` Improve: employ continuous process improvement (e.g., CMMI)
5
Deliver services in a compliant framework to e e se ces a co p a t a e o to ensure consistent, reliable performance in line with generally accepted practices
If it isn’t documented, it doesn’t exist
Policy (why) Standards (what)
Procedure (how)
Executive Management
Staff
` Individuals: qualified by education,
experience, and training to perform a taskp , g p
` Cross functional team of Subject Matter Experts
` Quality Assurance (QA): effect the process not the project
` Quality Control (QC): delaying a solution may create more of a risk
The world isn’t black and white!
7
Governance Security & Compliance
Support Services System Development
System Operation System Decommissioning
` Manage IS Processes
` Manage IS Technologiesa age S ec o og es
` Manage
◦ Security
◦ Compliance
◦ Internal Audits
` Support Services should manage 10 areas:
1. Risk
2. Service Level Agreements 3. Service Requests
4. Configuration 5. Documents
6. Service Continuity 7. Problems and Incidents 8. Change
9. Training 10.Release
9
` Manage Project
` Define Problem & Solutione e ob e & So ut o
` Determine Requirements
` Purchase System
` Design Solution
` Assemble & Integrate
` Verify and Test
` Verify and Test
` Operate and Administer Systems
` Measure and Analyze Systemseasu e a d a y e Syste s
` Archive eRecords
` Decommission Softwareeco ss o So t a e
` Decommission Hardware
` Controlling documents
` Managing inventoriesa ag g e to es
` Tracking changes
` Taking action (corrective / preventative)
` Root cause analysis
11
` Having a Product Manager
` Branding the “IS Quality System”a d g t e S Qua ty Syste
◦ Simply Good System Engineering
◦ Brand consistency x Marketing material x Intranet portal
` Managing changes to the IS Quality system
◦ Release schedule
◦ Cross-functional team of subject matter experts
` Training
The best way to create an enemy is to introduce change – Woodrow Wilson
` Return On Investment (ROI)
` Total Cost of Ownership (TCO)ota Cost o O e s p ( CO)
◦ Overhead
◦ Disk storage
◦ Facilities / space
◦ Support personnel
` Break-Even analysis (will eventually become too costly to maintain & support)
too costly to maintain & support)
` Charging back to the client (if you’re paying for it then I need everything)
` Lifecycles
◦ System (cradle to grave)
◦ Software Development
◦ Software Development
x Custom versus Commercial (build vs buy) x >80% buy with no customization anticipated x 50% to 80% buy with some customization x < 50% build
◦ Test / Validation
x ~20, 30, 40+% of project budget for 1, 2, or 3+ cycles respectively
x Changes in productionC a ges p oduct o
x Increase risk (compliance, stability, etc.)
x Increases cost and time by a factor of 10 (an order of magnitude)
` Overhead (~30%)
13
6Cost
Application XYZ Profile
0 1 23 4 5Cost
Risk
Data Value Business
Value Technology 0
2 4
Risk
Data Value Business Value
Technology
24 6Cost
Ri k T h l
0
2 Risk
Data Value Business …
Technology GLP
GCP
` Critical systems are often neglected when the application portfolio is too largepp p g
` The ability to recover in the event of a disaster becomes more complex with more systems
` The ability to standardize is more difficult with more components
` Expertise is spread too thin when there’s too much to specialize on
` Commercial Off-The-Shelf (COTS) solutions
` Application Service Provider (ASP)pp cat o Se ce o de ( S )
◦ LIMS
◦ Document Management
◦ Audit Management Software
◦ Corrective Action / Preventive Action
15
` Integral with the IS Quality System
` Client “buy-in”C e t buy
` C-Level / Executive support
` Not adhering to a company’s record retention schedule is not compliantp
` Having a record retention schedule optimizes investment and effectively manages risk
` Data storage costs can be significant
◦ Redundancy
◦ Tape storage A hi l i
◦ Archival services
` Applications need the ability to archive records
` The client must:
◦ Know their process
◦ Specify the critical systems
◦ Identify the sequence of events necessary to recover in the event of a disaster
` Applications need the ability to archive records
` Data storage costs can be significant
` Data storage costs can be significant
◦ Redundancy
◦ Tape storage
◦ Archival services
Information Systems owns very little data!
Clients own their data, not IS.
` A new system or enhancement to an existing system shouldy
◦ Save money
◦ Save time
◦ Improve quality
` Know the business process
` Articulate the “true” requirements
17
` Knowing the audience
` Clear, concise, consistentC ea , co c se, co s ste t
` Quantifying what’s bad and what’s good
` Should be a complementary system, not an administrative burden
< 50% 50% - 80% > 80%
Build? Buy
May have to
Customize Buy “As Is”
` Does it cost more to fix the problem w/o yielding the business benefit?
y g
` Can you quantify the cost (how much does it cost to rebuild a reputation)
` Vulnerability vs Threat
` Opportunity
` Minor finding < $500K
` Major finding ~ 500 - $1Majo d g 500 $
` Critical finding > $1M
` Team of people
< 5 localized
5-10 geographically disbursed 10 – 20+ global
19
Auditca™
Auditca™ is a purpose‐built system for audit teams in regulated environments seeking to maximize auditor efficiency while providing a platform to drive consistent execution. PSC Biotech developed Auditca™ based upon its own needs and those of a large biotechnology company requiring an easy to use, robust system to execute audits and issuing findings that meet standards with less effort. In addition, the structure of Auditca™ automates the production of meaningful management reports with an optional analytics capability We invite you to understand how Auditca™ can increase your team’s an optional analytics capability. We invite you to understand how Auditca can increase your team s productive time while providing management actionable information.
Benefits:
Streamlines execution Increases auditor productivity Captures & applies best practices Automates reporting Enables collaboration Key Features:
Online and off‐line functionality
• Enables conducting audits while disconnected from the internet
• Enables building the report while disconnected from the internet
Integrated regulatory reference libraries
• Provides “road warriors” complete functionality to build & edit reports
Maintains versions
• Stores all versions including the final report
Tracks findings (via optional module)
• Delivers an integrated tracking & reporting module in lieu of MS Outlook, cGMP or desktop tools
• Enables easy trend reporting to identify patterns
Calendar to review & set audit schedule
• Provides entries to MS Outlook
Interact with the Regulatory Reference Library
Manage and record audit agendas
Audit Utopia™
Audit Utopia™ provides a solution for managing inspection & audit requests that streamlines non‐value added work, improves consistency audit to audit, and enables presenting a better first impression.
Our customers see improved responsiveness, save administrative time and can respond more strategically when needed. In addition, with the recent change by the FDA requiring a response to certain observations within 15 days most teams can easily justify Audit Utopia’s purpose‐built approach now.
Benefits:
Streamlines execution Aids positive first impression with inspectors Provides management direct visibility Increases collaboration Eliminates re‐work Accelerates responses
Key Features:
Tracks and manages all requests
• Provides real‐time status of all requests to all team members
• Replaces paper, Excel and other desktop tools Team members see activities in progress Team members see activities in progress
• Provides a complete picture of all activities limited by security
• Sets response priority
• Instant access to required activities Real‐time automated reporting
• Eliminates manual creation of activity reports
Provides both chat & scribe capabilities
• Increases communication
• Interactive record of key activities Records all audits
• Provides a record of all audits and activities performed Secure
• Permissions limit access to activities and history
EZCAPA™
EZ‐CAPA enables organizations to track, manage activities and close corrective and preventive actions through a browser based, user friendly interface. For those customers with PSC’s Audit UtopiaTM or AuditcaTM, pre‐built integration enables seamless transfer of findings for follow‐up. EZ‐CAPA uniquely offers a combination of ease of use and power. So, tracking audit findings is simple and requires less effort than using desktop tools. More robust needs can be met by configuring fields and workflow to effort than using desktop tools. More robust needs can be met by configuring fields and workflow to support your business requirements.
Key Features:
Integration with Auditca™ & Audit Utopia™
• EZ‐CAPA imports observations and post‐audit issues directly from AuditcaTM and Audit UtopiaTM
Configurable Workflow and User Interface
• Workflow configuration accommodates your business process
• Add, modify, and remove input fields within each page
Email Reminders
• Email reminder sent when CAPA is coming due and when overdue
Reporting and Charting
• Criticality
• Category
• Type
• Author
• Author
• Open, Closed, Overdue
Audit Trail Report
• Audit trail report provides viewable history of all activities Email Notification
• When a user is assigned a task an email notification can be sent.
• Configurable e‐mail notification template.
Response E‐Signature Approval
• Workflow streamlines approval/rejection processes.
21
An International Business Partner
for Validation, Regulatory Compliance, Engineering Services, IT Solutions and Clinical Data Management
PSC Biotech Corporation
PSC Biotech Corporation (PSC) was established in 1996
◦ US Headquarters
x Pomona, CA
◦ US Offices:
was established in 1996
x Alameda, CA x San Diego, CA x Altoona, PA x Austin, TX
23
Strategic Planning for Validation
Design Qualification & GMP Reviews
Construction Qualifications
Manufacturing & Packaging Equipment V lid ti
Validation
Facility & Utility Validation
Laboratory Instrument Validation & Method Validation
Validation
Computer Systems Validation
Warehouse & Shipping Validation
Cleaning Validation
Cleaning Validation
Process Validation
Regulatory Compliance & GAP Analysisg y p y
GLP Compliance Design Reviews and Auditing
Quality Assurance Oversight
Functional and Design Specifications
GxP & 21 CFR Part 11 Assessments & Remediation
Raw Material Supplier Audits
Mock Audits
Mock Audits
Supply Chain Audits
Training
PSC’s testing and validation experience spans:p
Manufacturing computer systems,
HPLC’s, GC’s, centrifuges, TOC analyzers, NIR instruments, etc.
Water Systems,
Temperature controlled units such as p freezers, refrigerators, stability chambers, CO2 incubators
BSC, LAFs, Sterility test rooms, Fume hoods
25
` Various process validation projects
including filling, packaging, fractionation,
Process Validation Experience
g g, p g g, ,
and sterilization equipment.
` Cleaning cycle development, cleaning validation, sterilization cycle development and validation.
` PSC’s clients: Acambis, Baxter, IDM, Alpha Therapeutics, Leiner Health Products,
Watson Laboratories, BioSite, Dow Pharmaceuticals
Project Managers (PM) have experience
Project Managers (PM) have experience working in the Design, Construction
management, Commissioning, Validation, FDA Approval, Operations Training, Start-up and follow-up support.
Our PM’s understand the working
relationship between the Client Laboratory relationship between the Client, Laboratory Facilities Contractors, Equipment Suppliers, Corporate Engineering and Quality
Organizations.
` Project Managers will be on site and available for all Validation activities and meetings, g , ensuring continuity of activities and communication between groups.
` PSC is willing to work Nights, Weekends and Shift work to execute validation activities.
(No premiums applied.)
